package com.xuecheng.auth.service;

import com.xuecheng.auth.client.UserClient;
import com.xuecheng.framework.domain.ucenter.XcMenu;
import com.xuecheng.framework.domain.ucenter.ext.XcUserExt;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.ClientDetailsService;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.List;

@Service
public class UserDetailsServiceImpl implements UserDetailsService {
	@Autowired
	ClientDetailsService clientDetailsService;
	@Autowired
	UserClient userClient;

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		//取出身份，如果身份为空说明没有认证
		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
		//没有认证统一采用httpbasic认证，httpbasic中存储了client_id和client_secret，开始认证client_id和client_secret
		if (authentication == null) {
			ClientDetails clientDetails = clientDetailsService.loadClientByClientId(username);
			if (clientDetails != null) {
				//密码
				String clientSecret = clientDetails.getClientSecret();
				return new User(username, clientSecret, AuthorityUtils.commaSeparatedStringToAuthorityList(""));
			}
		}
		if (StringUtils.isEmpty(username)) {
			return null;
		}
		// 远程调用用户中心根据账号查询用户信息
		XcUserExt xcUserExt = userClient.getUserext(username);
		if (xcUserExt == null) {
			// 返回空给Spring security表示用户不存在
			return null;
		}
		//取出正确密码（hash值）
		String password = xcUserExt.getPassword();
		//从数据库获取权限
		List<XcMenu> permissions = xcUserExt.getPermissions();
		if (permissions == null) {
			permissions = new ArrayList<>();
		}
		List<String> user_permission = new ArrayList<>();
		permissions.forEach(item -> user_permission.add(item.getCode()));
		String user_permission_string = StringUtils.join(user_permission.toArray(), ",");
		UserJwt userDetails = new UserJwt(username, password, AuthorityUtils.commaSeparatedStringToAuthorityList(user_permission_string));
		userDetails.setId(xcUserExt.getId());
		//用户类型
		userDetails.setUtype(xcUserExt.getUtype());
		//所属企业
		userDetails.setCompanyId(xcUserExt.getCompanyId());
		//用户名称
		userDetails.setName(xcUserExt.getName());
		//用户头像
		userDetails.setUserpic(xcUserExt.getUserpic());
       /* UserDetails userDetails = new org.springframework.security.core.userdetails.User(username,
                password,
                AuthorityUtils.commaSeparatedStringToAuthorityList(""));*/
		//AuthorityUtils.createAuthorityList("course_get_baseinfo","course_get_list"));
		return userDetails;
	}
}
